Module 4: Remote Access Setup - Part 1#

Initial Cloud Server Setup When setting up a cloud server for personal projects like FreshRSS, several key decisions and configurations need to be made for optimal performance and security.

Choosing Server Location Server location affects the speed of your connection to FreshRSS. Choose a location based on your physical location, not your VPN location, because:

  • Your VPN usage may vary
  • Direct connections are always faster than VPN-routed ones
  • Traffic flow is more efficient: You → Server (direct) vs You → VPN → Server
  • Latency stacking (multiple hops) degrades performance

Creating Your Cloud Server When deploying a new server on platforms like Vultr:

  • Choose Cloud Compute (basic VPS)
  • Select Ubuntu 22.04 LTS for stability and security
  • The smallest plan (1 CPU, 512MB RAM) is sufficient for personal FreshRSS use
  • Enable automatic backups if available

Understanding VPS (Virtual Private Server) A VPS is a virtual machine running on cloud provider hardware. It:

  • Functions like a dedicated server
  • Shares physical hardware with other users securely
  • Provides cost-effective hosting
  • Offers full control over your environment

Securing SSH Access SSH (Secure Shell) provides encrypted access to your server. Basic security setup involves:

  1. Creating a non-root user:
adduser username
usermod -aG sudo username

The -aG flags are crucial:

  • -a: Append to existing groups
  • -G: Specify group modification This preserves existing groups while adding sudo privileges.
  1. Setting up SSH key authentication:
# On your local machine:
ssh-keygen -t ed25519 -C "freshrss-vultr"

Flags explained:

  • -t ed25519: Specifies the key type (modern, secure, efficient)
  • -C: Adds a comment to identify the key’s purpose

Understanding Ed25519 Keys Ed25519 is a modern public-key cryptography algorithm that:

  • Provides better security than older RSA keys
  • Uses shorter key lengths (more efficient)
  • Offers faster processing
  • Has robust implementation standards

Key Deployment Process After generating your key pair:

  1. The private key stays on your local machine
  2. The public key gets copied to your server
  3. The server uses this pair for authentication:
    • Your machine proves identity with private key
    • Server verifies against public key
    • More secure than passwords as private key never transmits

Next Steps The next part of Module 4 will cover:

  • Firewall configuration
  • Docker installation on the cloud server
  • FreshRSS deployment
  • Remote access setup